Merge "Fix linker self-exec detection"
diff --git a/libc/bionic/icu.cpp b/libc/bionic/icu.cpp
index 41a0729..72dac9b 100644
--- a/libc/bionic/icu.cpp
+++ b/libc/bionic/icu.cpp
@@ -36,53 +36,12 @@
 
 #include <async_safe/log.h>
 
-// Allowed icu4c version numbers are in the range [44, 999].
-// Gingerbread's icu4c 4.4 is the minimum supported ICU version.
-static constexpr auto ICUDATA_VERSION_MIN_LENGTH = 2;
-static constexpr auto ICUDATA_VERSION_MAX_LENGTH = 3;
-static constexpr auto ICUDATA_VERSION_MIN = 44;
-
-static char g_icudata_version[ICUDATA_VERSION_MAX_LENGTH + 1];
-
 static void* g_libicuuc_handle = nullptr;
 
-static int __icu_dat_file_filter(const dirent* dirp) {
-  const char* name = dirp->d_name;
-
-  // Is the name the right length to match 'icudt(\d\d\d)l.dat'?
-  const size_t len = strlen(name);
-  if (len < 10 + ICUDATA_VERSION_MIN_LENGTH || len > 10 + ICUDATA_VERSION_MAX_LENGTH) return 0;
-
-  return !strncmp(name, "icudt", 5) && !strncmp(&name[len - 5], "l.dat", 5);
-}
-
 static bool __find_icu() {
-  dirent** namelist = nullptr;
-  int n = scandir("/apex/com.android.runtime/etc/icu", &namelist, &__icu_dat_file_filter,
-                  alphasort);
-  if (n < 0) {
-    async_safe_write_log(ANDROID_LOG_ERROR, "bionic-icu", "couldn't find ICU folder");
-    return false;
-  }
-  int max_version = -1;
-  while (n--) {
-    // We prefer the latest version available.
-    int version = atoi(&namelist[n]->d_name[strlen("icudt")]);
-    if (version != 0 && version > max_version) max_version = version;
-    free(namelist[n]);
-  }
-  free(namelist);
-
-  if (max_version < ICUDATA_VERSION_MIN) {
-    async_safe_write_log(ANDROID_LOG_ERROR, "bionic-icu", "couldn't find an ICU .dat file");
-    return false;
-  }
-
-  snprintf(g_icudata_version, sizeof(g_icudata_version), "_%d", max_version);
-
-  g_libicuuc_handle = dlopen("libicuuc.so", RTLD_LOCAL);
+  g_libicuuc_handle = dlopen("libandroidicu.so", RTLD_LOCAL);
   if (g_libicuuc_handle == nullptr) {
-    async_safe_format_log(ANDROID_LOG_ERROR, "bionic-icu", "couldn't open libicuuc.so: %s",
+    async_safe_format_log(ANDROID_LOG_ERROR, "bionic-icu", "couldn't open libandroidicu.so: %s",
                           dlerror());
     return false;
   }
@@ -94,9 +53,9 @@
   static bool found_icu = __find_icu();
   if (!found_icu) return nullptr;
 
-  char versioned_symbol_name[strlen(symbol_name) + sizeof(g_icudata_version)];
-  snprintf(versioned_symbol_name, sizeof(versioned_symbol_name), "%s%s",
-           symbol_name, g_icudata_version);
+  char versioned_symbol_name[strlen(symbol_name) + strlen("_android") + 1];
+  snprintf(versioned_symbol_name, sizeof(versioned_symbol_name), "%s_android",
+           symbol_name);
 
   void* symbol = dlsym(g_libicuuc_handle, versioned_symbol_name);
   if (symbol == nullptr) {
diff --git a/libc/bionic/malloc_common.cpp b/libc/bionic/malloc_common.cpp
index 50c2fec..b35aa27 100644
--- a/libc/bionic/malloc_common.cpp
+++ b/libc/bionic/malloc_common.cpp
@@ -80,8 +80,6 @@
 // https://reviews.llvm.org/D47613
 #define atomic_load_explicit_const(obj, order) atomic_load_explicit(RemoveConst(obj), order)
 
-static constexpr memory_order default_read_memory_order = memory_order_acquire;
-
 static constexpr MallocDispatch __libc_malloc_default_dispatch
   __attribute__((unused)) = {
     Malloc(calloc),
@@ -117,103 +115,88 @@
 // =============================================================================
 // Allocation functions
 // =============================================================================
+static inline const MallocDispatch* GetDispatchTable() {
+  return atomic_load_explicit_const(&__libc_globals->current_dispatch_table,
+                                    memory_order_acquire);
+}
+
 extern "C" void* calloc(size_t n_elements, size_t elem_size) {
-  auto _calloc = atomic_load_explicit_const(
-      &__libc_globals->malloc_dispatch.calloc,
-      default_read_memory_order);
-  if (__predict_false(_calloc != nullptr)) {
-    return _calloc(n_elements, elem_size);
+  auto dispatch_table = GetDispatchTable();
+  if (__predict_false(dispatch_table != nullptr)) {
+    return dispatch_table->calloc(n_elements, elem_size);
   }
   return Malloc(calloc)(n_elements, elem_size);
 }
 
 extern "C" void free(void* mem) {
-  auto _free = atomic_load_explicit_const(
-      &__libc_globals->malloc_dispatch.free,
-      default_read_memory_order);
-  if (__predict_false(_free != nullptr)) {
-    _free(mem);
+  auto dispatch_table = GetDispatchTable();
+  if (__predict_false(dispatch_table != nullptr)) {
+    dispatch_table->free(mem);
   } else {
     Malloc(free)(mem);
   }
 }
 
 extern "C" struct mallinfo mallinfo() {
-  auto _mallinfo = atomic_load_explicit_const(
-      &__libc_globals->malloc_dispatch.mallinfo,
-      default_read_memory_order);
-  if (__predict_false(_mallinfo != nullptr)) {
-    return _mallinfo();
+  auto dispatch_table = GetDispatchTable();
+  if (__predict_false(dispatch_table != nullptr)) {
+    return dispatch_table->mallinfo();
   }
   return Malloc(mallinfo)();
 }
 
 extern "C" int mallopt(int param, int value) {
-  auto _mallopt = atomic_load_explicit_const(
-      &__libc_globals->malloc_dispatch.mallopt,
-      default_read_memory_order);
-  if (__predict_false(_mallopt != nullptr)) {
-    return _mallopt(param, value);
+  auto dispatch_table = GetDispatchTable();
+  if (__predict_false(dispatch_table != nullptr)) {
+    return dispatch_table->mallopt(param, value);
   }
   return Malloc(mallopt)(param, value);
 }
 
 extern "C" void* malloc(size_t bytes) {
-  auto _malloc = atomic_load_explicit_const(
-      &__libc_globals->malloc_dispatch.malloc,
-      default_read_memory_order);
-  if (__predict_false(_malloc != nullptr)) {
-    return _malloc(bytes);
+  auto dispatch_table = GetDispatchTable();
+  if (__predict_false(dispatch_table != nullptr)) {
+    return dispatch_table->malloc(bytes);
   }
   return Malloc(malloc)(bytes);
 }
 
 extern "C" size_t malloc_usable_size(const void* mem) {
-  auto _malloc_usable_size = atomic_load_explicit_const(
-      &__libc_globals->malloc_dispatch.malloc_usable_size,
-      default_read_memory_order);
-  if (__predict_false(_malloc_usable_size != nullptr)) {
-    return _malloc_usable_size(mem);
+  auto dispatch_table = GetDispatchTable();
+  if (__predict_false(dispatch_table != nullptr)) {
+    return dispatch_table->malloc_usable_size(mem);
   }
   return Malloc(malloc_usable_size)(mem);
 }
 
 extern "C" void* memalign(size_t alignment, size_t bytes) {
-  auto _memalign = atomic_load_explicit_const(
-      &__libc_globals->malloc_dispatch.memalign,
-      default_read_memory_order);
-  if (__predict_false(_memalign != nullptr)) {
-    return _memalign(alignment, bytes);
+  auto dispatch_table = GetDispatchTable();
+  if (__predict_false(dispatch_table != nullptr)) {
+    return dispatch_table->memalign(alignment, bytes);
   }
   return Malloc(memalign)(alignment, bytes);
 }
 
 extern "C" int posix_memalign(void** memptr, size_t alignment, size_t size) {
-  auto _posix_memalign = atomic_load_explicit_const(
-      &__libc_globals->malloc_dispatch.posix_memalign,
-      default_read_memory_order);
-  if (__predict_false(_posix_memalign != nullptr)) {
-    return _posix_memalign(memptr, alignment, size);
+  auto dispatch_table = GetDispatchTable();
+  if (__predict_false(dispatch_table != nullptr)) {
+    return dispatch_table->posix_memalign(memptr, alignment, size);
   }
   return Malloc(posix_memalign)(memptr, alignment, size);
 }
 
 extern "C" void* aligned_alloc(size_t alignment, size_t size) {
-  auto _aligned_alloc = atomic_load_explicit_const(
-      &__libc_globals->malloc_dispatch.aligned_alloc,
-      default_read_memory_order);
-  if (__predict_false(_aligned_alloc != nullptr)) {
-    return _aligned_alloc(alignment, size);
+  auto dispatch_table = GetDispatchTable();
+  if (__predict_false(dispatch_table != nullptr)) {
+    return dispatch_table->aligned_alloc(alignment, size);
   }
   return Malloc(aligned_alloc)(alignment, size);
 }
 
 extern "C" void* realloc(void* old_mem, size_t bytes) {
-  auto _realloc = atomic_load_explicit_const(
-      &__libc_globals->malloc_dispatch.realloc,
-      default_read_memory_order);
-  if (__predict_false(_realloc != nullptr)) {
-    return _realloc(old_mem, bytes);
+  auto dispatch_table = GetDispatchTable();
+  if (__predict_false(dispatch_table != nullptr)) {
+    return dispatch_table->realloc(old_mem, bytes);
   }
   return Malloc(realloc)(old_mem, bytes);
 }
@@ -229,21 +212,17 @@
 
 #if defined(HAVE_DEPRECATED_MALLOC_FUNCS)
 extern "C" void* pvalloc(size_t bytes) {
-  auto _pvalloc = atomic_load_explicit_const(
-      &__libc_globals->malloc_dispatch.pvalloc,
-      default_read_memory_order);
-  if (__predict_false(_pvalloc != nullptr)) {
-    return _pvalloc(bytes);
+  auto dispatch_table = GetDispatchTable();
+  if (__predict_false(dispatch_table != nullptr)) {
+    return dispatch_table->pvalloc(bytes);
   }
   return Malloc(pvalloc)(bytes);
 }
 
 extern "C" void* valloc(size_t bytes) {
-  auto _valloc = atomic_load_explicit_const(
-      &__libc_globals->malloc_dispatch.valloc,
-      default_read_memory_order);
-  if (__predict_false(_valloc != nullptr)) {
-    return _valloc(bytes);
+  auto dispatch_table = GetDispatchTable();
+  if (__predict_false(dispatch_table != nullptr)) {
+    return dispatch_table->valloc(bytes);
   }
   return Malloc(valloc)(bytes);
 }
@@ -365,7 +344,7 @@
 // =============================================================================
 
 template<typename FunctionType>
-static bool InitMallocFunction(void* malloc_impl_handler, _Atomic(FunctionType)* func, const char* prefix, const char* suffix) {
+static bool InitMallocFunction(void* malloc_impl_handler, FunctionType* func, const char* prefix, const char* suffix) {
   char symbol[128];
   snprintf(symbol, sizeof(symbol), "%s_%s", prefix, suffix);
   *func = reinterpret_cast<FunctionType>(dlsym(malloc_impl_handler, symbol));
@@ -433,7 +412,7 @@
   return true;
 }
 
-static void malloc_fini_impl(void*) {
+static void MallocFiniImpl(void*) {
   // Our BSD stdio implementation doesn't close the standard streams,
   // it only flushes them. Other unclosed FILE*s will show up as
   // malloc leaks, but to avoid the standard streams showing up in
@@ -608,18 +587,16 @@
 // hooks. nullptr if they had not been loaded before.
 static _Atomic (void*) g_heapprofd_handle = nullptr;
 
-static void install_hooks(libc_globals* globals, const char* options,
+static void InstallHooks(libc_globals* globals, const char* options,
                           const char* prefix, const char* shared_lib) {
-  MallocDispatch dispatch_table;
-
   void* impl_handle = atomic_load(&g_heapprofd_handle);
   bool reusing_handle = impl_handle != nullptr;
   if (reusing_handle) {
-    if (!InitSharedLibrary(impl_handle, shared_lib, prefix, &dispatch_table)) {
+    if (!InitSharedLibrary(impl_handle, shared_lib, prefix, &globals->malloc_dispatch_table)) {
       return;
     }
   } else {
-    impl_handle = LoadSharedLibrary(shared_lib, prefix, &dispatch_table);
+    impl_handle = LoadSharedLibrary(shared_lib, prefix, &globals->malloc_dispatch_table);
     if (impl_handle == nullptr) {
       return;
     }
@@ -636,17 +613,10 @@
     return;
   }
 
-  // We assign free  first explicitly to prevent the case where we observe a
-  // alloc, but miss the corresponding free because of initialization order.
-  //
-  // This is safer than relying on the declaration order inside
-  // MallocDispatch at the cost of an extra atomic pointer write on
-  // initialization.
-  atomic_store(&globals->malloc_dispatch.free, dispatch_table.free);
-  // The struct gets assigned elementwise and each of the elements is an
-  // _Atomic. Assigning to an _Atomic is an atomic_store operation.
-  // The assignment is done in declaration order.
-  globals->malloc_dispatch = dispatch_table;
+  // Do a pointer swap so that all of the functions become valid at once to
+  // avoid any initialization order problems.
+  atomic_store(&globals->current_dispatch_table, &globals->malloc_dispatch_table);
+
   atomic_store(&g_heapprofd_handle, impl_handle);
 
   info_log("%s: malloc %s enabled", getprogname(), prefix);
@@ -655,7 +625,7 @@
   // where another atexit function is used to cleanup allocated memory,
   // but the finalize function was already called. This particular error
   // seems to be triggered by a zygote spawned process calling exit.
-  int ret_value = __cxa_atexit(malloc_fini_impl, nullptr, nullptr);
+  int ret_value = __cxa_atexit(MallocFiniImpl, nullptr, nullptr);
   if (ret_value != 0) {
     error_log("failed to set atexit cleanup function: %d", ret_value);
   }
@@ -688,7 +658,7 @@
 extern "C" void MaybeInstallInitHeapprofdHook(int);
 
 // Initializes memory allocation framework once per process.
-static void malloc_init_impl(libc_globals* globals) {
+static void MallocInitImpl(libc_globals* globals) {
   struct sigaction action = {};
   action.sa_handler = MaybeInstallInitHeapprofdHook;
   sigaction(HEAPPROFD_SIGNAL, &action, nullptr);
@@ -712,7 +682,7 @@
     return;
   }
   if (!atomic_exchange(&g_heapprofd_init_in_progress, true)) {
-    install_hooks(globals, options, prefix, shared_lib);
+    InstallHooks(globals, options, prefix, shared_lib);
     atomic_store(&g_heapprofd_init_in_progress, false);
   }
 }
@@ -721,12 +691,12 @@
 // This routine is called from __libc_init routines in libc_init_dynamic.cpp.
 __BIONIC_WEAK_FOR_NATIVE_BRIDGE
 __LIBC_HIDDEN__ void __libc_init_malloc(libc_globals* globals) {
-  malloc_init_impl(globals);
+  MallocInitImpl(globals);
 }
 
 static void* InitHeapprofd(void*) {
   __libc_globals.mutate([](libc_globals* globals) {
-    install_hooks(globals, nullptr, HEAPPROFD_PREFIX, HEAPPROFD_SHARED_LIB);
+    InstallHooks(globals, nullptr, HEAPPROFD_PREFIX, HEAPPROFD_SHARED_LIB);
   });
   atomic_store(&g_heapprofd_init_in_progress, false);
   // Allow to install hook again to re-initialize heap profiling after the
@@ -738,7 +708,7 @@
 static void* InitHeapprofdHook(size_t bytes) {
   if (!atomic_exchange(&g_heapprofd_init_hook_installed, true)) {
     __libc_globals.mutate([](libc_globals* globals) {
-      atomic_store(&globals->malloc_dispatch.malloc, nullptr);
+      atomic_store(&globals->current_dispatch_table, nullptr);
     });
 
     pthread_t thread_id;
@@ -752,6 +722,29 @@
   return Malloc(malloc)(bytes);
 }
 
+static constexpr MallocDispatch __heapprofd_dispatch
+  __attribute__((unused)) = {
+    Malloc(calloc),
+    Malloc(free),
+    Malloc(mallinfo),
+    InitHeapprofdHook,
+    Malloc(malloc_usable_size),
+    Malloc(memalign),
+    Malloc(posix_memalign),
+#if defined(HAVE_DEPRECATED_MALLOC_FUNCS)
+    Malloc(pvalloc),
+#endif
+    Malloc(realloc),
+#if defined(HAVE_DEPRECATED_MALLOC_FUNCS)
+    Malloc(valloc),
+#endif
+    Malloc(iterate),
+    Malloc(malloc_disable),
+    Malloc(malloc_enable),
+    Malloc(mallopt),
+    Malloc(aligned_alloc),
+  };
+
 extern "C" void MaybeInstallInitHeapprofdHook(int) {
   // Zygote child processes must be marked profileable.
   if (gMallocLeakZygoteChild &&
@@ -761,7 +754,7 @@
 
   if (!atomic_exchange(&g_heapprofd_init_in_progress, true)) {
     __libc_globals.mutate([](libc_globals* globals) {
-      atomic_store(&globals->malloc_dispatch.malloc, InitHeapprofdHook);
+      atomic_store(&globals->current_dispatch_table, &__heapprofd_dispatch);
     });
   }
 }
@@ -776,7 +769,7 @@
 bool MallocDispatchReset() {
   if (!atomic_exchange(&g_heapprofd_init_in_progress, true)) {
     __libc_globals.mutate([](libc_globals* globals) {
-      globals->malloc_dispatch = __libc_malloc_default_dispatch;
+      atomic_store(&globals->current_dispatch_table, nullptr);
     });
     atomic_store(&g_heapprofd_init_in_progress, false);
     return true;
@@ -839,11 +832,9 @@
 // [base, base+size).  Must be called between malloc_disable and malloc_enable.
 extern "C" int malloc_iterate(uintptr_t base, size_t size,
     void (*callback)(uintptr_t base, size_t size, void* arg), void* arg) {
-  auto _iterate = atomic_load_explicit_const(
-      &__libc_globals->malloc_dispatch.iterate,
-      default_read_memory_order);
-  if (__predict_false(_iterate != nullptr)) {
-    return _iterate(base, size, callback, arg);
+  auto dispatch_table = GetDispatchTable();
+  if (__predict_false(dispatch_table != nullptr)) {
+    return dispatch_table->iterate(base, size, callback, arg);
   }
   return Malloc(iterate)(base, size, callback, arg);
 }
@@ -851,22 +842,18 @@
 // Disable calls to malloc so malloc_iterate gets a consistent view of
 // allocated memory.
 extern "C" void malloc_disable() {
-  auto _malloc_disable = atomic_load_explicit_const(
-     & __libc_globals->malloc_dispatch.malloc_disable,
-      default_read_memory_order);
-  if (__predict_false(_malloc_disable != nullptr)) {
-    return _malloc_disable();
+  auto dispatch_table = GetDispatchTable();
+  if (__predict_false(dispatch_table != nullptr)) {
+    return dispatch_table->malloc_disable();
   }
   return Malloc(malloc_disable)();
 }
 
 // Re-enable calls to malloc after a previous call to malloc_disable.
 extern "C" void malloc_enable() {
-  auto _malloc_enable = atomic_load_explicit_const(
-      &__libc_globals->malloc_dispatch.malloc_enable,
-      default_read_memory_order);
-  if (__predict_false(_malloc_enable != nullptr)) {
-    return _malloc_enable();
+  auto dispatch_table = GetDispatchTable();
+  if (__predict_false(dispatch_table != nullptr)) {
+    return dispatch_table->malloc_enable();
   }
   return Malloc(malloc_enable)();
 }
diff --git a/libc/private/bionic_globals.h b/libc/private/bionic_globals.h
index 4c4172a..447b3b9 100644
--- a/libc/private/bionic_globals.h
+++ b/libc/private/bionic_globals.h
@@ -29,6 +29,7 @@
 #ifndef _PRIVATE_BIONIC_GLOBALS_H
 #define _PRIVATE_BIONIC_GLOBALS_H
 
+#include <stdatomic.h>
 #include <sys/cdefs.h>
 #include <link.h>
 #include <pthread.h>
@@ -43,7 +44,18 @@
 struct libc_globals {
   vdso_entry vdso[VDSO_END];
   long setjmp_cookie;
-  MallocDispatch malloc_dispatch;
+
+  // In order to allow a complete switch between dispatch tables without
+  // the need for copying each function by function in the structure,
+  // use a single atomic pointer to switch.
+  // The current_dispatch_table pointer can only ever be set to a complete
+  // table. Any dispatch table that is pointed to by current_dispatch_table
+  // cannot be modified after that. If the pointer changes in the future,
+  // the old pointer must always stay valid.
+  // The malloc_dispatch_table is modified by malloc debug, malloc hooks,
+  // and heaprofd. Only one of these modes can be active at any given time.
+  _Atomic(const MallocDispatch*) current_dispatch_table;
+  MallocDispatch malloc_dispatch_table;
 };
 
 __LIBC_HIDDEN__ extern WriteProtected<libc_globals> __libc_globals;
diff --git a/libc/private/bionic_malloc_dispatch.h b/libc/private/bionic_malloc_dispatch.h
index f15b72c..0dce03d 100644
--- a/libc/private/bionic_malloc_dispatch.h
+++ b/libc/private/bionic_malloc_dispatch.h
@@ -31,7 +31,6 @@
 
 #include <stddef.h>
 #include <stdint.h>
-#include <stdatomic.h>
 #include <private/bionic_config.h>
 
 // Entry in malloc dispatch table.
@@ -55,25 +54,25 @@
 #endif
 
 struct MallocDispatch {
-  _Atomic MallocCalloc calloc;
-  _Atomic MallocFree free;
-  _Atomic MallocMallinfo mallinfo;
-  _Atomic MallocMalloc malloc;
-  _Atomic MallocMallocUsableSize malloc_usable_size;
-  _Atomic MallocMemalign memalign;
-  _Atomic MallocPosixMemalign posix_memalign;
+  MallocCalloc calloc;
+  MallocFree free;
+  MallocMallinfo mallinfo;
+  MallocMalloc malloc;
+  MallocMallocUsableSize malloc_usable_size;
+  MallocMemalign memalign;
+  MallocPosixMemalign posix_memalign;
 #if defined(HAVE_DEPRECATED_MALLOC_FUNCS)
-  _Atomic MallocPvalloc pvalloc;
+  MallocPvalloc pvalloc;
 #endif
-  _Atomic MallocRealloc realloc;
+  MallocRealloc realloc;
 #if defined(HAVE_DEPRECATED_MALLOC_FUNCS)
-  _Atomic MallocValloc valloc;
+  MallocValloc valloc;
 #endif
-  _Atomic MallocIterate iterate;
-  _Atomic MallocMallocDisable malloc_disable;
-  _Atomic MallocMallocEnable malloc_enable;
-  _Atomic MallocMallopt mallopt;
-  _Atomic MallocAlignedAlloc aligned_alloc;
+  MallocIterate iterate;
+  MallocMallocDisable malloc_disable;
+  MallocMallocEnable malloc_enable;
+  MallocMallopt mallopt;
+  MallocAlignedAlloc aligned_alloc;
 } __attribute__((aligned(32)));
 
 #endif
diff --git a/libc/symbol_ordering b/libc/symbol_ordering
index b672b35..8b2d153 100644
--- a/libc/symbol_ordering
+++ b/libc/symbol_ordering
@@ -46,7 +46,6 @@
 optreset
 _rs_forked
 daylight
-_ZL17g_icudata_version
 gMallocLeakZygoteChild
 _ZL18netdClientInitOnce
 je_opt_narenas
diff --git a/linker/linker.cpp b/linker/linker.cpp
index 428dd25..e12a28c 100644
--- a/linker/linker.cpp
+++ b/linker/linker.cpp
@@ -91,19 +91,21 @@
 static const char* const kLdConfigVndkLiteFilePath = "/system/etc/ld.config.vndk_lite.txt";
 
 #if defined(__LP64__)
-static const char* const kSystemLibDir     = "/system/lib64";
-static const char* const kOdmLibDir        = "/odm/lib64";
-static const char* const kVendorLibDir     = "/vendor/lib64";
-static const char* const kAsanSystemLibDir = "/data/asan/system/lib64";
-static const char* const kAsanOdmLibDir    = "/data/asan/odm/lib64";
-static const char* const kAsanVendorLibDir = "/data/asan/vendor/lib64";
+static const char* const kSystemLibDir        = "/system/lib64";
+static const char* const kOdmLibDir           = "/odm/lib64";
+static const char* const kVendorLibDir        = "/vendor/lib64";
+static const char* const kAsanSystemLibDir    = "/data/asan/system/lib64";
+static const char* const kAsanOdmLibDir       = "/data/asan/odm/lib64";
+static const char* const kAsanVendorLibDir    = "/data/asan/vendor/lib64";
+static const char* const kRuntimeApexLibDir   = "/apex/com.android.runtime/lib64";
 #else
-static const char* const kSystemLibDir     = "/system/lib";
-static const char* const kOdmLibDir        = "/odm/lib";
-static const char* const kVendorLibDir     = "/vendor/lib";
-static const char* const kAsanSystemLibDir = "/data/asan/system/lib";
-static const char* const kAsanOdmLibDir    = "/data/asan/odm/lib";
-static const char* const kAsanVendorLibDir = "/data/asan/vendor/lib";
+static const char* const kSystemLibDir        = "/system/lib";
+static const char* const kOdmLibDir           = "/odm/lib";
+static const char* const kVendorLibDir        = "/vendor/lib";
+static const char* const kAsanSystemLibDir    = "/data/asan/system/lib";
+static const char* const kAsanOdmLibDir       = "/data/asan/odm/lib";
+static const char* const kAsanVendorLibDir    = "/data/asan/vendor/lib";
+static const char* const kRuntimeApexLibDir   = "/apex/com.android.runtime/lib";
 #endif
 
 static const char* const kAsanLibDirPrefix = "/data/asan";
@@ -228,6 +230,44 @@
 }
 // END OF WORKAROUND
 
+// Workaround for dlopen(/system/lib(64)/<soname>) when .so is in /apex. http://b/121248172
+/**
+ * Translate /system path to /apex path if needed
+ * The workaround should work only when targetSdkVersion < Q.
+ *
+ * param out_name_to_apex pointing to /apex path
+ * return true if translation is needed
+ */
+static bool translateSystemPathToApexPath(const char* name, std::string* out_name_to_apex) {
+  static const char* const kSystemToRuntimeApexLibs[] = {
+    "libicuuc.so",
+    "libicui18n.so",
+  };
+  // New mapping for new apex should be added below
+
+  // Nothing to do if target sdk version is Q or above
+  if (get_application_target_sdk_version() >= __ANDROID_API_Q__) {
+    return false;
+  }
+
+  // If the path isn't /system/lib, there's nothing to do.
+  if (name == nullptr || dirname(name) != kSystemLibDir) {
+    return false;
+  }
+
+  const char* base_name = basename(name);
+
+  for (const char* soname : kSystemToRuntimeApexLibs) {
+    if (strcmp(base_name, soname) == 0) {
+      *out_name_to_apex = std::string(kRuntimeApexLibDir) + "/" + base_name;
+      return true;
+    }
+  }
+
+  return false;
+}
+// End Workaround for dlopen(/system/lib/<soname>) when .so is in /apex.
+
 static std::vector<std::string> g_ld_preload_names;
 
 static bool g_anonymous_namespace_initialized;
@@ -2074,13 +2114,14 @@
   android_namespace_t* ns = get_caller_namespace(caller);
 
   LD_LOG(kLogDlopen,
-         "dlopen(name=\"%s\", flags=0x%x, extinfo=%s, caller=\"%s\", caller_ns=%s@%p) ...",
+         "dlopen(name=\"%s\", flags=0x%x, extinfo=%s, caller=\"%s\", caller_ns=%s@%p, targetSdkVersion=%i) ...",
          name,
          flags,
          android_dlextinfo_to_string(extinfo).c_str(),
          caller == nullptr ? "(null)" : caller->get_realpath(),
          ns == nullptr ? "(null)" : ns->get_name(),
-         ns);
+         ns,
+         get_application_target_sdk_version());
 
   auto purge_guard = android::base::make_scope_guard([&]() { purge_unused_memory(); });
 
@@ -2114,6 +2155,28 @@
     }
   }
 
+  // Workaround for dlopen(/system/lib/<soname>) when .so is in /apex. http://b/121248172
+  // The workaround works only when targetSdkVersion < Q.
+  std::string name_to_apex;
+  if (translateSystemPathToApexPath(name, &name_to_apex)) {
+    const char* new_name = name_to_apex.c_str();
+    LD_LOG(kLogDlopen, "dlopen considering translation from %s to APEX path %s",
+           name,
+           new_name);
+    // Some APEXs could be optionally disabled. Only translate the path
+    // when the old file is absent and the new file exists.
+    if (file_exists(name)) {
+      LD_LOG(kLogDlopen, "dlopen %s exists, not translating", name);
+    } else if (!file_exists(new_name)) {
+      LD_LOG(kLogDlopen, "dlopen %s does not exist, not translating",
+             new_name);
+    } else {
+      LD_LOG(kLogDlopen, "dlopen translation accepted: using %s", new_name);
+      name = new_name;
+    }
+  }
+  // End Workaround for dlopen(/system/lib/<soname>) when .so is in /apex.
+
   std::string asan_name_holder;
 
   const char* translated_name = name;
diff --git a/tests/dlext_test.cpp b/tests/dlext_test.cpp
index c9ecd2e..aff5e37 100644
--- a/tests/dlext_test.cpp
+++ b/tests/dlext_test.cpp
@@ -232,6 +232,12 @@
   dlclose(handle);
 }
 
+TEST(dlfcn, dlopen_from_nullptr_android_api_level) {
+  // Regression test for http://b/123972211. Testing dlopen(nullptr) when target sdk is P
+  android_set_application_target_sdk_version(__ANDROID_API_P__);
+  ASSERT_TRUE(dlopen(nullptr, RTLD_NOW) != nullptr);
+}
+
 TEST(dlfcn, dlopen_from_zip_absolute_path) {
   const std::string lib_zip_path = "/libdlext_test_zip/libdlext_test_zip_zipaligned.zip";
   const std::string lib_path = GetTestlibRoot() + lib_zip_path;
diff --git a/tests/malloc_test.cpp b/tests/malloc_test.cpp
index a3fe5af..1431cc1 100644
--- a/tests/malloc_test.cpp
+++ b/tests/malloc_test.cpp
@@ -588,10 +588,13 @@
       size_t new_allocated = mallinfo().uordblks;
       if (allocated != new_allocated) {
         size_t usable_size = malloc_usable_size(ptrs[i]);
-        ASSERT_GE(new_allocated, allocated + usable_size)
-            << "Failed at size " << size << " usable size " << usable_size;
-        pass = true;
-        break;
+        // Only check if the total got bigger by at least allocation size.
+        // Sometimes the mallinfo numbers can go backwards due to compaction
+        // and/or freeing of cached data.
+        if (new_allocated >= allocated + usable_size) {
+          pass = true;
+          break;
+        }
       }
     }
     for (void* ptr : ptrs) {